• Brazil’s General Data Protection regulation (LGPD), a law similar to the GDPR, became effective December 2020. • Japan and the EU agreed to recognize each other’s data protection systems as equivalent, so data transfers between countries are now possible without further authorizations; • India’s Digital Personal Data Protection Act was passed in August 2023 (“DPDP”). The DPDP is similar to the GDPR and has an extraterritorial reach. • Thailand’s Personal Data Protection Act (PDPA), highly influenced by the GDPR became effective June 1, 2022. PDPA violators face the risk not only of fines, but the possibility of criminal prosecution and imprisonment for up to one year. • China has recently joined the list of countries that have adopted the world’s strictest data-privacy laws. China’s first attempt to regulate the internet was its Cybersecurity Law (“CSL”) of 2017. In 2021 China passed the Data Security Law of the P.R.C (“DSL”), which came into effect on September 1, 2021. China also passed the Personal Information Protection Law of P.R.C. (“PIPL”), which came into effect on November 1, 2021. The PIPL resembles EU’s General Data Protection Regulation (“GDPR”) in many aspects and is promising to reshape the handling of personal information in China. Privacy and data protection has now become a global discussion, and we expect more and more countries to be implementing and updating their laws to respond to this ever-evolving area of the law.
161
Made with FlippingBook - Online Brochure Maker